[keycloak-dev] Sessions in admin console

Bill Burke bburke at redhat.com
Wed Mar 12 16:00:50 EDT 2014


Ok.

LogoutAll at the Realm level from admin console will set a 
realm.notBefore policy to now.  This will force a relogin for everybody.

LogutAll at the user level creates a notBefore policy for the individual 
user.

On 3/12/2014 2:55 PM, Bill Burke wrote:
> Ya know.  They way it works is kinda silly.  A Logout should probably
> set a notBefore policy too.
>
> On 3/12/2014 2:02 PM, Bill Burke wrote:
>>
>>
>> On 3/12/2014 12:46 PM, Stian Thorgersen wrote:
>>> It's really nice to see logged in users, and to be able to manage sessions through the admin console. I've spotted a few issues though:
>>>
>>> * Logout All (realm/sessions) or Logout specific user (realm/applications/app) doesn't seem to work - only thing I could do to actually logout a user was to set the not before
>>> * Users/sessions for users logged in to admin console or account doesn't work
>>
>> View the wildfly console.  You *are* being logged out, but your identity
>> token is still active so when you get redirected to recreate the totem,
>> you get relogged in.  The logout button in admin console can't change
>> the user's cookies.
>>
>> Maybe instead of logout call it "Invalidate SEssion"  or "Logout Session"?
>>
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>
>>
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-dev mailing list